
Wireshark-dev: Re: [Wireshark-dev] Extracting multiple FieldInfo values from a Field in Lua

From: Tamás Regõs <Tamas.Regos@xxxxxxxxxxxx>
Date: Tue, 11 May 2010 12:38:18 +0800
Hi,

In case the field occurrence is more than 1, then the result of the Field.new will be a table/array and not just 1 value.

Try something like this:

    ip_src_f = Field.new("ip.src")
    -- Collect every FieldInfo returned by the call into a table
    local ip_src_table = { ip_src_f() }

    for i,ip_src in ipairs(ip_src_table) do
        local src = tostring(ip_src.value)
        -- ....
    end


Regards,
Tamas


-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Gerald Combs
Sent: Tuesday, 11 May 2010 11:00 AM
To: Developer support list for Wireshark
Subject: [Wireshark-dev] Extracting multiple FieldInfo values from a Field in Lua

I'm trying to extract the "outer" and "inner" ip.src fields in an ICMP time-to-live exceeded packet using Lua. If I create a listener that runs the following:

    ip_src_f = Field.new("ip.src")
    local ip_src = ip_src_f()
    local src = tostring(ip_src.value)

I can only see the lowest-layer ip.src field. According to the User's Guide, calling a field's method obtains *all* of the FieldInfo values for that field. Adding a debug printf to Field__call in wslua_field.c shows it pushing two ip.src values into the stack for each ICMP packet, so Lua is presumably receiving them. Does anyone know how to access them within the script?

The Lua API also provides an all_field_infos() function which returns the entire dissection tree. Are there any examples that show how to use it?
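
The approach discussed in this thread, written out as a complete tap listener. This is an added example, not code from either poster or from the Wireshark project. The "icmp" filter, the variable names and the script file name in the comment are assumptions, and the second loop assumes a Wireshark version whose FieldInfo exposes a `name` attribute.

```lua
-- Added example. Load with:  tshark -q -X lua_script:ip_src_all.lua -r <capture>
-- (ip_src_all.lua is a placeholder file name.)

-- Field extractors must be created at load time, outside any callback.
local ip_src_f = Field.new("ip.src")

-- Tap every frame matching "icmp"; the third argument asks Wireshark to
-- populate all fields so all_field_infos() sees the whole tree.
local tap = Listener.new("frame", "icmp", true)

function tap.packet(pinfo, tvb)
    -- Calling the extractor returns one FieldInfo per occurrence as multiple
    -- return values. Plain assignment keeps only the first one; the table
    -- constructor captures them all.
    local infos = { ip_src_f() }
    local addrs = {}
    for i, fi in ipairs(infos) do
        addrs[i] = tostring(fi.value)
    end
    -- For an ICMP time-to-live exceeded packet this lists both the source of
    -- the carrying IP header and the source quoted inside the ICMP payload.
    print(string.format("frame %d: %d ip.src value(s): %s",
                        pinfo.number, #addrs, table.concat(addrs, ", ")))

    -- Same result via all_field_infos(): walk every field in the dissection
    -- tree and keep the ones named "ip.src".
    local from_tree = {}
    for _, fi in ipairs({ all_field_infos() }) do
        if fi.name == "ip.src" then
            from_tree[#from_tree + 1] = tostring(fi.value)
        end
    end
    print(string.format("frame %d: via all_field_infos(): %s",
                        pinfo.number, table.concat(from_tree, ", ")))
end
```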